April 11, 2017

The Linux Command Line

Linux Command Line

The Linux command line provides a way to manually interact with the Linux operating system. The shell program is a program that acts as an interface between the user and the rest of the Linux operating system, including the kernel.

The shell displays the shell prompt. Users enter commands at this prompt. By default, the shell display one of two prompts, depending on the type of user logged in.

For root users, the prompt is the # symbol:
 
For non-root users, the prompt is the $ symbol:
 
The shell accepts the commands and processes it. The Linux command line refers to commands entered at the shell prompt.

The command line ends when you hit the Enter key.
A command line however can be extended beyond a single line. I.e. if the command line is longer than one line, you can use the backslash to extend the command line to two or more lines, e.g.

sudo docker run -v /home/user1/foo:/home/user2/src -v /projects/foo:/home/user2/data \
-p 127.0.0.1:40180:80 -p 127.0.0.1:48000:8000 -p 45820:5820 -t -i user2/foo bash

When the shell sees the backslash, it knows to ignore the Enter key and expect more arguments and/or options.

There are many shells in Linux. A commonly used shell is bash, the Bourne Again SHell. When you start a Linux container in Docker, you can specify which shell it should run, e.g. $ docker run --rm -it debian bash.

The Linux command line consists of three main types of objects: command, argument(s), option(s).
Command is the application/program to run, e.g. ls, perl, docker, docker-compose, etc. The command is always the first object on the command line.

There is normally one command object per command line. An exception is if you have pipes (|). A pipe allows multiple commands to be run in series on the same "command line". More on pipes in a later article.

An argument is a parameter or sub-command used to provide command with additional information, e.g. by itself, the ls command lists the files or directories in the current directory. To list files in another directory, you can enter the other directory as an argument, e.g. ls /opt/bin. A command line can have zero or more arguments.

Options are used to modify the behavior of the command. E.g. the ls command will display visible files/directories. Given the -a option, e.g. ls -a, it will display both visible and non-visible files.

Options come in two forms: short-form, typically prepended with a single dash, and long-form, prepended with two dashes. Examples:
  • short-form option: ls -a or docker ps -a
  • Long-form option: ls --all or docker ps --all
There can be zero or more options per command line. Use a space to separate multiple options. You can mix and match short-form and long-form options on the same command line:
  • ls --all -l
For the short-form notation, you are allowed to concatenate the options. I.e. instead of ls -a -F -l, it's OK to combine the options, prepending the set with a single dash, e.g. ls -aFl.

An exception to being able to combine options is if the option requires an argument, i.e. the -v option in Docker requires the volume path or directory as an argument, e.g. docker run -v /data, as such it should stand by itself.

Docker: Deprecated Features

Deprecated Features

Periodically, existing Docker features may be removed or replaced with newer features.

Features to be removed/replaced are marked as deprecated in Docker documentation.
Deprecated features will remain available in Docker for at least three stable releases (roughly 9 months).

Users are expected to migrate away from deprecated features as soon as possible and within the deprecation time-frame.

References:
  • Deprecated Features page.

Docker: Combine Options

Combining options

Multiple single-character command line options, particularly if they do not require an argument, can be combined.

For example, rather than typing:
  • docker run -i -t --name test busybox sh
you can use:
  • docker run -it --name test busybox sh

References:

Docker: Getting Help

Getting help

To get help with Docker at the command line, simply append the --help option to the command line:
  • docker --help
  • docker <command> --help
  • Note: If you enter an incomplete command, Docker will usually display a condensed syntax for that command

April 10, 2017

Docker and Sudo

Docker and Sudo

Docker is a privileged command that only the root or system administrator can run. In order to use docker, you have to be root or a superuser. However, from a security point of view it's best practice to login in as a non-root user and elevate your privileges to root only when needed to administer the system.

The sudo command allows a non-root user to run commands reserved only for root. Depending on your Docker host configuration, you may be required to prepend docker commands with sudo:


To avoid this, particularly in a non-production environment, add a user to the docker group. Users that are part of the docker group can use docker without having to prepend sudo. E.g. edit the /etc/group file and a update the line:

docker:x:999: to docker:x:999:user

where user is the username of a user on the system. To add multiple users delimit each name with a comma. Docker can then be run without prepending sudo.

 

Docker Command Line Syntax

Docker Command Line Syntax

  • docker
    • A self-sufficient runtime for containers
    • Usage:
      • docker COMMAND [OPTIONS] [arg...]
      • docker [ --help | -v | --version ]
  • docker-machine
    • Create and manage machines running Docker
    • Usage:
      • $ docker-machine [OPTIONS] COMMAND [arg…]
  • docker-compose
    • Define and run multi-container applications with Docker
    • Usage:
      • $ docker-compose [-f <arg>...] [options] [COMMAND] [ARGS…]
      • $ docker-compose -h|--help

Docker Command Line

Docker Command Line


Note: multiple short-form command line options without arguments can be combine, e.g. instead of specifying -i and -t separately, they can be combined under a single dash, as in, -it.

April 09, 2017

Docker Command Line: Real-world Question

Docker Command Line: Real-world Question

Some time ago a user posted this question on the Google Docker Group. He had inherited a Docker platform and wanted to know what the following command line did:

$ sudo docker run -v /home/user1/foo:/home/user2/src -v /projects/foo:/home/user2/data  \
-p 127.0.0.1:40180:80 -p 127.0.0.1:48000:8000 -p 45820:5820 -t -i user2/foo bash

Let's take each command line parameter in turn:

Parameter Description
sudo used to run docker as the super user if not previously setup
docker run docker run command
-v <host path>:<container path> maps a host volume into a container
-p <hostIP>:<hostPORT>:<containerPORT> binds a container port to a host port from a specific host IP
-p <hostPORT>:<containerPORT> binds a container port to a host port from any host IP
-t attaches a terminal to the container
-i enables interactive mode
user2/foo image identifier
bash container startup command

The main command, docker run, starts a container from the image, user2/foo and runs the bash executable in the container. Persistent data (-v) is enabled by mounting the host directory, /projects/foo, as a mount point /home/user2/data inside the container.

The container exposes three container ports 80, 8000, 5820 as host mounts 40180, 48000, 45820 respectively (-p). Additionally container ports 80 and 48000 can only be access on the host via local interface, 127.0.0.1.

Finally -i and -t are used to enable interactive access to the standard input and output of the container, i.e. you can enter commands directly at the keyboard and see the output on the terminal.

Note: The back-slash (\) at the end of the line is a continuation mark. It tells the Linux Shell that the command line continues on the next line; it joins the two lines together as one contiguous command line.

References: